[nsp-sec] NTP reflection attacks
John Brown
john at citylinkfiber.com
Wed Jan 8 15:10:43 EST 2014
ACK 7850, and in process of being squashed
7850 neighbors are being informed now.
On Wed, Jan 8, 2014 at 12:44 PM, Jared Mauch <jared at puck.nether.net> wrote:
> ----------- nsp-security Confidential --------
>
> On Wed, Jan 08, 2014 at 02:39:04PM -0500, Jared Mauch wrote:
> > ----------- nsp-security Confidential --------
> >
> > On Thu, Jan 02, 2014 at 04:22:44PM +0000, Wentworth, Brett wrote:
> > > ----------- nsp-security Confidential --------
> > >
> > > We are seeing a spike. Anyone else?
> >
> > Sure.
> >
> > http://openntpproject/ntp-worst-cymru.txt is available for your
> remediation action.
> > The website will be searchable soon, perhaps with the data from
> tomorrows scan.
>
> that should be *dot org*
>
> Also TOP ASNs:
>
> 237124 7018
> 78356 4766
> 55886 2914 (oops on us!)
> 26187 9318
> 13704 15290
> 11632 6389
> 11514 7029
> 10472 4134
> 10190 4323
> 7617 3786
> 6908 7132
> 6078 17506
> 5510 36149
> 5303 46375
> 5198 3320
> 4833 9808
> 4817 4837
> 2814 1785
> 2810 3462
> 2758 4847
> 2409 17444
> 2391 36351
> 2335 23352
> 2230 20057
> 2227 15557
> 2207 3356
> 2155 3152
> 2144 5606
> 2140 29182
> 2124 1221
> 2011 6830
> 1987 2516
> 1783 9269
> 1777 50245
> 1761 20773
> 1754 24940
> 1726 2497
> 1638 4713
> 1636 12389
> 1631 10029
> 1628 20021
> 1619 3269
> 1614 24557
> 1613 15418
> 1600 31200
> 1578 9202
> 1502 786
> 1426 16276
> 1422 3301
> 1412 28717
> 1382 4725
> 1382 174
> 1333 680
> 1293 137
> 1292 2906
> 1283 13768
> 1234 22773
> 1229 4812
> 1198 9443
> 1181 2711
> 1172 600
> 1149 7065
> 1129 209
> 1117 701
>
>
> --
> Jared Mauch | +1 313 506 4307 * AS2914
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security
> counter-measures.
> _______________________________________________
>
More information about the nsp-security
mailing list